Many devices use external storage devices to access and store data. For example, various photo/video cameras, appliances, smartphones, embedded systems, etc. store data (e.g., digital photographs, videos, etc.) on removable storage devices, such as Secure Digital (SD) cards (e.g., standard or micro SD cards).
However, files stored in an SD card are often not protected. Further, if the files are protected, managing access authorization to the files may be difficult or limit usability of the SD card. For example, photos taken with a digital camera and stored on an SD card in an unencrypted format are susceptible to data breach or disclosure if the SD card is accessed without author approval. On the other hand, if the digital camera encrypts the photos, then a device (e.g., a personal computer) must execute specialized software to unencrypt the content, creating a strict dependency between the devices and limiting usability of the SD card.
SD cards support a variety of security options. For example, referring to FIG. 1, an SD card 100 may include a read-only switch. When the read-only switch is placed in position 110A, the memory on the SD card can be written to or modified. When the read-only switch is placed in position 110B, the SD card is locked, and the data is read-only. The read-only switch may not prevent unauthorized access to the files stored in a SD card because the read-only switch does not prevent reads, and an unauthorized user can change the position of the read-only switch.
SD cards are designed to support “Content Protection for Recordable Media” for digital rights management (DRM) content-protection. However, this is limited to those buying a license from the SD Association, as the design is not publicly available. This may be more suitable for multimedia content distribution companies (music, video, software, etc.) than for consumers.
Some devices take advantage of proprietary solutions to protect the data. For example, Windows Phone used to set a device-specific key in the protected area of the SD card to take “ownership” of the memory card. With the key set, the card would not work with another phone. This solution prevents an authorized user from manipulating the memory card from different devices (e.g., a PC, a smartphone, an IP/digital camera, or an embedded system).
In some implementations, a 16 byte password is used to control access to the SD card, but this is an ON/OFF solution which allows entire access (read/write/delete) once the password is provided. There may not be a way to use this password for just some of the files in the memory, or to customize the password based on the device. Once one has the password, information can be accessed in any device, without limitations.
In some implementations, devices implement their own strategy to protect files stored on an SD card (e.g., proprietary encryption). However, this requires either using the SD card only on that device (eliminating the possibility to manipulate the memory card from a different device) or installing proprietary software in different devices (e.g., in the PC). This may be inconvenient and does not solve the problem for all the devices in the market.
Accordingly, known solutions may be insufficient or inconvenient for a user.